public/gallery3-contrib
Archived
1
0
Fork 0
Code Releases Activity

Hide the album instead of the albums contents.

Browse Source
This commit is contained in:
rWatcher 2010-11-07 12:20:50 +08:00 committed by Bharat Mediratta
parent 9969734286
commit 63873f96cd
2 changed files with 20 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
3.0/modules/albumpassword/helpers/MY_item.php
View File

@ -20,32 +20,19 @@
class item extends item_Core {
static function viewable($model) {
// Hide the contents of a password protected album,
// Unless the current user is an admin, or the albums owner.
// Hide password protected albums until the correct password is entered,
// unless the current user is an admin, or the albums owner.
$model = item_Core::viewable($model);
$album_item = ORM::factory("item")->where("id", "=", $model->id)->find();
// Figure out if the user can access this album.
$deny_access = false;
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $model->id)->find();
if ($existing_password->loaded()) {
if ((cookie::get("g3_albumpassword") != $existing_password->password) &&
(identity::active_user()->id != $album_item->owner_id))
$deny_access = true;
}
// set access::DENY if necessary.
$view_restrictions = array();
if ($deny_access == true) {
if (!identity::active_user()->admin) {
foreach (identity::group_ids_for_active_user() as $id) {
$view_restrictions[] = array("items.view_$id", "=", access::DENY);
}
}
}
if (count($view_restrictions)) {
$model->and_open()->merge_or_where($view_restrictions)->close();
// If the user is an admin, don't hide anything anything.
// If not, hide whatever is restricted by an album password
// that the current user is not the owner of.
if (!identity::active_user()->admin) {
$model->and_open()->join("items_albumpasswords", "items.id", "items_albumpasswords.album_id", "LEFT OUTER")
->and_where("items_albumpasswords.album_id", "IS", NULL)
->or_where("items_albumpasswords.password", "=", cookie::get("g3_albumpassword"))
->or_where("items.owner_id", "=", identity::active_user()->id)->close();
}
return $model;

33
3.1/modules/albumpassword/helpers/MY_item.php
View File

@ -20,32 +20,19 @@
class item extends item_Core {
static function viewable($model) {
// Hide the contents of a password protected album,
// Unless the current user is an admin, or the albums owner.
// Hide password protected albums until the correct password is entered,
// unless the current user is an admin, or the albums owner.
$model = item_Core::viewable($model);
$album_item = ORM::factory("item")->where("id", "=", $model->id)->find();
// Figure out if the user can access this album.
$deny_access = false;
$existing_password = ORM::factory("items_albumpassword")->where("album_id", "=", $model->id)->find();
if ($existing_password->loaded()) {
if ((cookie::get("g3_albumpassword") != $existing_password->password) &&
(identity::active_user()->id != $album_item->owner_id))
$deny_access = true;
}
// set access::DENY if necessary.
$view_restrictions = array();
if ($deny_access == true) {
if (!identity::active_user()->admin) {
foreach (identity::group_ids_for_active_user() as $id) {
$view_restrictions[] = array("items.view_$id", "=", access::DENY);
}
}
}
if (count($view_restrictions)) {
$model->and_open()->merge_or_where($view_restrictions)->close();
// If the user is an admin, don't hide anything anything.
// If not, hide whatever is restricted by an album password
// that the current user is not the owner of.
if (!identity::active_user()->admin) {
$model->and_open()->join("items_albumpasswords", "items.id", "items_albumpasswords.album_id", "LEFT OUTER")
->and_where("items_albumpasswords.album_id", "IS", NULL)
->or_where("items_albumpasswords.password", "=", cookie::get("g3_albumpassword"))
->or_where("items.owner_id", "=", identity::active_user()->id)->close();
}
return $model;